
228 matches found

Tenable Nessus
added 2026/03/17 12:0 a.m., 2 views

Unity Linux 20.1060e / 20.1070e Security Update: udisks2 (UTSA-2026-006231)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006231 advisory. A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler...

8.5 CVSS, 5.8 AI score, 0.0065 EPSS
Exploits: 1, References: 4

Positive Technologies
added 2026/03/14 12:0 a.m., 4 views

PT-2026-25531

Your package manager's D-Bus interface is root-privileged, always-on, and crashes instantly if you whisper the wrong locale at it. CVE-2026-3836. CVSS 7.5. No auth required. The tool patching your system was the hole. Upgrade dnf5 now. https://t.co/scoaPCnClG...

5.8 AI score
Exploits: 0, References: 1

RedHat Linux
added 2026/03/02 1:43 a.m., 6 views

udisks: Missing Authorization Check Allows Unprivileged Users to Back Up LUKS Headers via udisks D-Bus API

A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As a result, sensitiv...

5.5 CVSS, 5.7 AI score, 0.00075 EPSS
Exploits: 0, References: 5

OSV
added 2026/02/25 11:16 a.m., 4 views

CVE-2026-26103

A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption metadata on block...

7.1 CVSS, 5.8 AI score, 0.00075 EPSS
Exploits: 0, References: 4

Vulnrichment
added 2026/02/25 10:51 a.m., 3 views

CVE-2026-26104 Udisks: missing authorization check allows unprivileged users to back up luks headers via udisks d-bus api

A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As a result, sensitiv...

5.5 CVSS, 5.4 AI score, 0.00075 EPSS
Exploits: 0, References: 5

Tenable Nessus
added 2026/01/27 12:0 a.m., 4 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005021)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005021 advisory. In the Linux kernel, the following vulnerability has been resolved: media: lgdt3306a: Add a check against null-pointer-def. The driver should check whether the client...

5.5 CVSS, 5.8 AI score, 0.00244 EPSS
Exploits: 0, References: 3

Tenable Nessus
added 2026/01/15 12:0 a.m., 6 views

EulerOS 2.0 SP10 : udisks2 (EulerOS-SA-2026-1038)

According to the versions of the udisks2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the...

8.5 CVSS, 5.9 AI score, 0.0065 EPSS
Exploits: 1, References: 2

Tenable Nessus
added 2026/01/15 12:0 a.m., 6 views

EulerOS 2.0 SP10 : udisks2 (EulerOS-SA-2026-1059)

According to the versions of the udisks2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the...

8.5 CVSS, 5.9 AI score, 0.0065 EPSS
Exploits: 1, References: 2

Vulnrichment
added 2026/01/14 11:53 a.m., 6 views

CVE-2025-66005 Lack of Authentication in the InputManager D-Bus interface

Lack of authorization of the InputManager D-Bus interface in InputPlumber versions before v0.63.0 can lead to local Denial-of-Service, information leak or even privilege escalation in the context of the currently active user session...

8.5 CVSS, 6.3 AI score, 0.002 EPSS
Exploits: 0, References: 2

UbuntuCve
added 2026/01/12 6:15 p.m., 3 views

CVE-2025-68276

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, an unprivileged local user can crash avahi-daemon with wide-area disabled by creating record browsers with the AVAHI_LOOKUP_USE_WIDE_AREA flag set via D-Bus. This can ...

5.5 CVSS, 5.8 AI score, 0.0014 EPSS
Exploits: 0, References: 5

AlpineLinux
added 2026/01/12 5:31 p.m., 5 views

CVE-2025-68276

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, an unprivileged local user can crash avahi-daemon with wide-area disabled by creating record browsers with the AVAHI_LOOKUP_USE_WIDE_AREA flag set via D-Bus. This can ...

5.5 CVSS, 6.7 AI score, 0.0014 EPSS
Exploits: 0, References: 3

Fedora
added 2026/01/09 5:21 p.m., 6 views

[SECURITY] Fedora 43 Update: foomuuri-0.31-1.fc43

Foomuuri is a firewall generator for nftables based on the concept of zones. It is suitable for all systems from personal machines to corporate firewalls, and supports advanced features such as a rich rule language, IPv4/IPv6 rule splitting, dynamic DNS lookups, a D-Bus API and FirewallD emulatio...

7 CVSS, 7 AI score, 0.00171 EPSS
Exploits: 0

EUVD
added 2025/12/30 3:30 p.m., 4 views

EUVD-2023-60392

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if client driver is available. For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if client driver is available. Otherwise, it will result in null pointer...

6 AI score, 0.00166 EPSS
Exploits: 0, References: 4

OSV
added 2025/12/30 12:15 p.m., 5 views

CVE-2023-54249 bus: mhi: ep: Only send -ENOTCONN status if client driver is available

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if client driver is available. For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if client driver is available. Otherwise, it will result in null pointer...

6.4 AI score, 0.00166 EPSS
Exploits: 0, References: 6

Tenable Nessus
added 2025/12/11 12:0 a.m., 2 views

EulerOS 2.0 SP11 : udisks2 (EulerOS-SA-2025-2472)

According to the versions of the udisks2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the...

8.5 CVSS, 5.9 AI score, 0.0065 EPSS
Exploits: 1, References: 2

Tenable Nessus
added 2025/12/11 12:0 a.m., 2 views

EulerOS 2.0 SP13 : udisks2 (EulerOS-SA-2025-2512)

According to the versions of the udisks2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the...

8.5 CVSS, 5.9 AI score, 0.0065 EPSS
Exploits: 1, References: 2

Cvelist
added 2025/12/02 12:0 a.m., 10 views

CVE-2025-59705

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka "Unauthorized Reactivation of the USB interface" or F01...

0.00263 EPSS
Exploits: 1, References: 2

SUSE Linux
added 2025/10/24 11:3 a.m., 2 views

Security update for kernel-livepatch-MICRO-6-0-RT_Update_2

This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues: CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations (bsc#1232384) CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794) CVE-2025-38206: exfat: fix double free in delayed_fre...

9.2 CVSS, 7.2 AI score, 0.00528 EPSS
Exploits: 1, References: 40

OSV
added 2025/10/24 10:10 a.m., 10 views

SUSE-SU-2025:20875-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_6

This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues: - CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075) - CVE-2025-38396: fs: export anon_inode_make_secure_inode and fix secretmem LSM bypass (bsc#1247158) - CVE-2025-38471: kernel: tls: always refresh the queue...

7.8 CVSS, 6.6 AI score, 0.00528 EPSS
Exploits: 1, References: 17

Tenable Nessus
added 2025/10/22 12:0 a.m., 5 views

TencentOS Server 2: udisks2 (TSSA-2025:0804)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0804 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

8.5 CVSS, 6 AI score, 0.0065 EPSS
Exploits: 1, References: 2